Honeywell Excel Web Control Login Panel - Detect

What is the "Honeywell Excel Web Control Login Panel - Detect?"

The "Honeywell Excel Web Control Login Panel - Detect" module is designed to detect the presence of the Honeywell Excel Web Control login panel. This module focuses on identifying misconfigurations or vulnerabilities related to the login panel. The severity of this module is classified as informative, meaning it provides valuable information without indicating an immediate threat. The original author of this module is dhiyaneshDK.

Impact

This module aims to identify the presence of the Honeywell Excel Web Control login panel, but it does not directly impact the system or introduce any changes. Its purpose is to provide information about the login panel's existence, which can be useful for further analysis and security assessments.

How does the module work?

The module utilizes HTTP request templates and matching conditions to detect the Honeywell Excel Web Control login panel. It sends a GET request to the "/standard/default.php" path and applies two matching conditions:

- The response body must contain the HTML title tag "<title>Honeywell XL Web Controller</title>". - The response status code must be 200 (OK).

If both conditions are met, the module considers the Honeywell Excel Web Control login panel to be present.

For example, the module sends the following HTTP request:

GET /standard/default.php

The module then analyzes the response to determine if it matches the specified conditions. If the response body contains the expected HTML title tag and the status code is 200, the module reports the detection of the Honeywell Excel Web Control login panel.

For more information, you can refer to the exploit-db.com reference.

Metadata: max-request: 1